Troubleshoot — Cannot reach Destination server (Permission Denied)

Scenario

You are using nginx and trying to call the downstream application but it returns http 502.

Cause

The reason could be because SELINUX would have blocked certain port. You can check the logs for more details.

Steps

The following example is from a sample repo whereby the downstream application uses port 801 and 802.

1. Check the ngnix logs — /var/log/ngnix/error.log
   From here you will be able to see the error “permission denied”

2. Check the audit log — /var/log/audit/audit.log
Command:

sudo cat /var/log/audit/audit.log | grep nginx | grep denied

3. Check the port that are allowed.
Command:

semange port -l | grep http

4. You can allow them for testing if it’s a legit request.
Command:

semanage port -a -t http_port_t -p tcp 801